Authentication
AyushBridge uses ABHA (Ayushman Bharat Health Account) OAuth 2.0 for secure authentication, ensuring compliance with India's digital health standards and enabling seamless integration with the national health ecosystem.
ABHA OAuth 2.0 Authentication
AyushBridge integrates with India's national health ID system through ABHA OAuth 2.0, providing secure, standardized authentication for healthcare applications.
Prerequisites
Before you can authenticate with AyushBridge, you need:
- ABHA Developer Account: Register at ABHA Developer Portal
- Client Credentials: Obtain your Client ID and Client Secret
- Redirect URI: Configure your application's callback URL
- Scopes: Request appropriate permissions for your use case
Client Credentials Flow
For server-to-server authentication, use the client credentials grant type:
curl -X POST "https://abha.abdm.gov.in/auth/oauth2/token" \
-H "Content-Type: application/x-www-form-urlencoded" \
-d "grant_type=client_credentials" \
-d "client_id=YOUR_CLIENT_ID" \
-d "client_secret=YOUR_CLIENT_SECRET" \
--data-urlencode "scope=openid profile abha-enrol"
Making Authenticated Requests
Include the access token in the Authorization header for all API requests:
Example request with bearer token
curl -X GET "https://api.ayushbridge.in/fhir/ValueSet/namaste/\$expand?filter=amavata" \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
-H "Accept: application/fhir+json"
Always keep your token safe and implement proper token refresh mechanisms for production applications.
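One way to handle the token refresh mentioned above, as an added example that is not AyushBridge's or ABHA's own code. It assumes the token endpoint returns the standard RFC 6749 fields `access_token` and `expires_in`; the `TokenCache` class and the `ABHA_CLIENT_ID` / `ABHA_CLIENT_SECRET` environment variable names are hypothetical.

```python
import json
import os
import time
import urllib.parse
import urllib.request

TOKEN_URL = "https://abha.abdm.gov.in/auth/oauth2/token"  # endpoint from this page


def http_post_form(url, fields):
    """Default transport: POST form-encoded fields over HTTPS, return parsed JSON."""
    body = urllib.parse.urlencode(fields).encode()
    req = urllib.request.Request(url, data=body, method="POST")
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.loads(resp.read())


class TokenCache:
    """Caches a client-credentials token and renews it shortly before expiry."""

    def __init__(self, client_id, client_secret, scope,
                 post=http_post_form, clock=time.monotonic, skew=60):
        self._fields = {"grant_type": "client_credentials", "client_id": client_id,
                        "client_secret": client_secret, "scope": scope}
        self._post, self._clock, self._skew = post, clock, skew
        self._token, self._expires_at = None, 0.0

    def get(self):
        """Return a valid access token, fetching a new one only when needed."""
        if self._token is None or self._clock() >= self._expires_at - self._skew:
            reply = self._post(TOKEN_URL, self._fields)
            # Assumption: RFC 6749 response shape (access_token, expires_in).
            if "access_token" not in reply:
                raise RuntimeError("token request failed: %s" % reply.get("error", "unknown"))
            self._token = reply["access_token"]
            self._expires_at = self._clock() + float(reply.get("expires_in", 0))
        return self._token

    def auth_headers(self):
        """Headers for an AyushBridge FHIR request, as in the curl example."""
        return {"Authorization": "Bearer " + self.get(), "Accept": "application/fhir+json"}


def cache_from_env(**kwargs):
    """Build a cache from environment variables (hypothetical names) so the
    secret stays out of source code and shell history."""
    return TokenCache(os.environ["ABHA_CLIENT_ID"], os.environ["ABHA_CLIENT_SECRET"],
                      "openid profile abha-enrol", **kwargs)
```

The `skew` margin renews the token 60 seconds before its stated expiry, so a request never leaves with a token that expires in flight.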
Authorization Scopes
AyushBridge supports different OAuth scopes for granular access control:
| Scope | Description |
|---|---|
| openid | Basic OpenID Connect |
| profile | User profile information |
| abha-enrol | ABHA enrollment data |
| terminology-read | Read terminology data |
| terminology-write | Write terminology data |
| translation | Code translation services |
Authentication
You'll need to authenticate your requests to access any of the endpoints in the Protocol API. In this guide, we'll look at how authentication works. Protocol offers two ways to authenticate your API requests: Basic authentication and OAuth2 with a token — OAuth2 is the recommended way.
Basic authentication
With basic authentication, you use your username and password to authenticate your HTTP requests. Unless you have a very good reason, you probably shouldn't use basic auth. Here's how to authenticate using cURL:
Example request with basic auth
curl https://api.protocol.chat/v1/conversations \
-u username:password
Please don't commit your Protocol password to GitHub!
OAuth2 with bearer token
The recommended way to authenticate with the Protocol API is by using OAuth2. When establishing a connection using OAuth2, you will need your access token — you will find it in the Protocol dashboard under API settings. Here's how to add the token to the request header using cURL:
Example request with bearer token
curl https://api.protocol.chat/v1/conversations \
-H "Authorization: Bearer {token}"
Always keep your token safe and reset it if you suspect it has been compromised.
Using an SDK
If you use one of our official SDKs, you won't have to worry about any of the above — fetch your access token from the Protocol dashboard under API settings, and the client library will take care of the rest. All the client libraries use OAuth2 behind the scenes.